| Eugene Smiley on 3 Dec 2004 15:36:03 -0000 |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul wrote: > George Gallen wrote: > >> no, actually, in this sense, I meant bypassed. >> I assume that the gadget transforms figerprints >> to a number, and how unique would that number >> be vs using a password system. >> > > This is what I meant by possible protocol weakness. Maybe > something like a keystroke capture device, or software, could be > used to capture and replay the output of the thumbprint scanner. I thought I was on the side closer to paranoid, but I didn't think of about how a replay 'attack' could be used here. Ha! Maybe this is the M$ way of getting people to want Paladi[um|n] (which is it?).Get them hooked on it and then say, "Oh but unless you use it with an OS that runs on encrypted hardware it's really not a good idea." -----BEGIN PGP SIGNATURE----- iQA/AwUBQbCHhekD7QKn7f0vEQJ8OgCg5EwyH5CsQLkC5zlczEr78J1Mv7AAoJAm GsefoMzHTsFoiT4okrq+rv+m =EdZi -----END PGP SIGNATURE----- Attachment:
smime.p7s
|
|